Researchers Find Vulnerabilities in Apache Remote Desktop Software

Researchers have discovered a gaping hole in popular remote access system Apache Guacamole that puts thousands of companies with remote employees at risk. The flaw could allow attackers to control the software and the computers that connect to it. Luckily, there is a patch available.

With large numbers of employees now working from home, remote access systems that let users control computers in the office from their home machines are increasingly popular. One free version is the open source software Apache Guacamole.

Provided by the open source Apache Software Foundation, Guacamole is a gateway that enables remote clients to connect from a browser via various protocols, including Microsoft's Remote Desktop Protocol (RDP). It is a popular product, with over 10 million downloads of its docker container.

Researchers at Check Point began evaluating this software in mid-February as the company prepared to transfer over 5,000 employees to remote work during the early stages of the pandemic. They quickly found problems with the open source gateway. If it connects to a compromised computer inside the network, attackers can use that machine to take control of the entire gateway with potentially disastrous results, they warned.

"Once in control of the gateway, an attacker can eavesdrop on all incoming sessions, record all the credentials used, and even start new sessions to control the rest of the computers within the organization," said the researchers in their report. "When most of the organization is working remotely, this foothold is equivalent to gaining full control over the entire organizational network."

..

Support the originator by clicking the read the rest link below.